Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0549 1 Anthill 1 Anthill 2025-04-03 N/A
Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.
CVE-2006-0077 1 Richard Dawe 1 File Extattr 2025-04-03 N/A
Off-by-one error in the getfattr function in File::ExtAttr before 0.03 allows attackers to trigger a buffer overflow via unspecified attack vectors.
CVE-2006-1131 1 Bitweaver 1 Bitweaver 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the comment_title parameter.
CVE-2005-1410 3 Postgresql, Redhat, Trustix 3 Postgresql, Enterprise Linux, Secure Linux 2025-04-03 N/A
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments.
CVE-2005-1412 1 Ecomm 1 Professional Guestbook 2025-04-03 N/A
SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter.
CVE-2002-0550 1 Gcf 1 Dynamic Guestbook 2025-04-03 N/A
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
CVE-2005-1414 1 Exoticsoft 1 Filepocket 2025-04-03 N/A
ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges.
CVE-2002-1317 4 Hp, Sgi, Sun and 1 more 5 Hp-ux, Irix, Solaris and 2 more 2025-04-03 N/A
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
CVE-2006-0078 1 Haddad Said 1 B-net Software 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in B-net Software 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) shout variables to (a) shout.php, or the (3) title and (4) message variables to (b) guestbook.php.
CVE-2006-1133 1 Vbzoom 1 Vbzoom 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441.
CVE-2005-1416 1 Soft3304 1 04webserver 2025-04-03 N/A
Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder.
CVE-2005-1417 1 Maxwebportal 1 Maxwebportal 2025-04-03 N/A
Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp.
CVE-2006-0084 1 Rasmp 1 Rasmp 2025-04-03 N/A
Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header).
CVE-2005-1421 1 Raysoft 1 Video Cam Server 2025-04-03 N/A
Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request.
CVE-2005-1422 1 Raysoft 1 Video Cam Server 2025-04-03 N/A
Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html.
CVE-2005-1480 1 Raiden Professional Servers 1 Raidenftpd 2025-04-03 N/A
Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbitrary files via a "..\\" (dot dot backslash) in the urlget site command.
CVE-2005-1481 1 Aaronoutpost 1 Asp Inline Corporate Calendar 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline Corporate Calendar allow remote attackers to execute arbitrary SQL commands via the Event_ID parameter to (1) defer.asp or (2) details.asp.
CVE-2006-0129 1 Rockliffe 1 Mailsite 2025-04-03 N/A
Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames via user requests to TCP port 106.
CVE-2005-1484 1 Kmint21 Software 1 Golden Ftp Server 2025-04-03 N/A
Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command.
CVE-2006-0135 1 Thewebforum 1 Thewebforum 2025-04-03 N/A
SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).